At the second GDPR Summit last week, businesses discovered that now is the time for them to be looking at the data they have, the legal basis with which they acquired it, and how it is being processed.

Last September, the GDPR Summit, which covered the new general data protection regulation, brought fear, uncertainty and panic. Businesses were told they must have stricter regulations to secure client data or face huge fines from the EU. Enormous alterations would be of vital importance, and the clock was ticking. Murmurs of concern bubbled among the crowd. “We know what we need to do, but how do we do it?”